RSA Report: Rogue Mobile Apps Account for 28 Percent of Fraud Attacks

Aug 14, 2018 | by Heidi Bleau

Today, RSA released its Q2 2018 fraud report, providing an inside look at the cybercrime and fraud trends observed across attack vectors, digital channels and regions. One insight that stood out was the growth of rogue mobile applications as a fraud attack vector. More than one in four fraud attacks detected by RSA in the second quarter, or 28%, were attributed to a rogue mobile application. But what exactly does that mean?

Rogue mobile apps take on many faces. Fraudsters take advantage of the trust many consumers place in the mobile channel by creating malicious applications that appear genuine, but are used for fraudulent purposes. They can be likened to phishing emails, only using a mobile app. One popular example is fake banking applications asking for extensive permissions that enable fraudsters to gain almost exclusive access to a user’s mobile phone. Most often, these apps are used to divert the out-of-band SMS codes used in identity verification from the genuine user’s phone to one managed by the fraudster. Other apps developed to gain these permissions also use the face of popular games or trusted consumer brands.

However, rogue mobile apps do not always constitute a “fraud attack” in the traditional sense of targeting consumer financial information. Another common example of a rogue mobile app often uncovered by RSA is the unauthorized use of a legitimate trusted brand for profit. An example of this might be a third-party developer creating an ATM locator app for a large bank and charging consumers money to download it without having an agreement in place with the brand owner.

As part of our managed threat services, RSA monitors dozens of official and alternative app stores with the goal of detecting malicious and unauthorized apps targeting our customers. Just as social media has become a lucrative channel for fraudsters to share, communicate and conduct business, mobile applications are another growing attack channel being leveraged for cybercrime monetization. As organizations continue to grow their digital business and launch new mobile services, it is important to be aware of the fraud risks and vulnerabilities in this rapidly growing channel. RSA will continue to report on this trend in our quarterly fraud report.

Other highlights from the latest report include:

Phishing accounted for 41 percent of all fraud attacks observed by RSA in Q2. Canada, the United States, and the Netherlands were the top three countries most targeted by phishing.

Fraud from mobile browsers and mobile applications increased in Q2 2018 and represented 71 percent of total fraud transactions.

The average value of a fraudulent transaction in Europe was $392 USD, a 78 percent difference from the average genuine transaction. The average value of fraudulent vs. genuine transactions was also much higher in the U.S., UK, and Australia.

While less than half of one percent of legitimate payment transactions were attempted from a new account and new device, this combination accounted for 27 percent of the total value of fraudulent payments.